RE: Fw: MS04-11, SSL, and ISA Server

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 5 May 2004 12:02:50 -0500

Hi Tim,

Let me guess, they were using Server Publishing Rules, right?

They can't even define their test environment, why should I believe the
rest?

Thanks!
Tom

Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Thor [mailto:thor@xxxxxxxxxxxxxxx] 
Sent: Wednesday, May 05, 2004 11:57 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Fw: MS04-11, SSL, and ISA Server



Go get 'em, Jim.

----- Original Message ----- 
From: "Kim, Cameron" <CKim@xxxxxxxx>
To: <NTBUGTRAQ@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Tuesday, May 04, 2004 10:16 AM
Subject: FW: MS04-11, SSL, and ISA Server


I found this response to be very interesting. Thought people might want
to know.


Cameron Kim
Mitsubishi Digital Electronics America

-----Original Message-----
From: Kayne Ian (Softlab) [mailto:Ian.Kayne@xxxxxxxxxxxxx]
Sent: Tuesday, May 04, 2004 3:42 AM
To: Kim, Cameron
Subject: RE: MS04-11, SSL, and ISA Server

Yes, it is vulnerable in every scenario. I've personally verified this
using the remote shell exploit floating around. In one of the MS
bulletins they state that ISA can prevent this vuln when all packet
filters are enabled - I found this NOT to be true. ISA remained
vulnerable. After the patch is installed, ISA starts logging SChannel
errors when the vuln is attempted to be exploited.

HTH.

> -----Original Message-----
> From: Kim, Cameron [mailto:CKim@xxxxxxxx]
> Sent: 29 April 2004 02:12
> To: NTBUGTRAQ@xxxxxxxxxxxxxxxxxxxxxx
> Subject: MS04-11, SSL, and ISA Server
>
>
> Can this DoS be performed against an ISA server which proxies the SSL
> connections? Most of the reports and comments have mentioned the fact
> that DoS can be performed against IIS servers using SSL connections.
> But I am not sure if the ISA Server 2000 web proxy actually uses the
> Microsoft SSL Library. One would suppose so...
>
> Cameron Kim
> Mitsubishi Digital Electronics America
>
> -----
> Earn up to 10 credit course hours toward the TruSecure ICSA
> Practitioner (TICSA) Credential and receive a TICSA exam coupon by
> attending the Infosecurity Canada 2004 conference.
> Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy
> firewall will present on June 3 at 11:30 AM.  Visit
> <https://ticsa.trusecure.com> for certification details and
> <http://www.infosecuritycanada.com> for conference information. Become
> TICSA certified and see what happens!
> -----


